2

Windows 7, 64bit.

I have an application which I don't trust but still need to run.

I would like to run the installer of this application and later on the installed executable under some kind of "strace" for windows which will record what this application did to the system.

Mainly:

  • What files have been created / edited?
  • What registery changed have been made?
  • To what network hosts did the application tried to communicate?

Ideally I would also be able to generate a "UNDO" action to undo all the changes.

Please don't suggest full Virtualization solutions such as Virtualbox, VMWare and co. because the application should run in the host system (A "sandbox" approach will OTHO be accepted, IMHO).

Do you any such utility I can use?

Thank you, Maxim.

Hennes
  • 64,768
  • 7
  • 111
  • 168
Maxim Veksler
  • 177
  • 1
  • 2
  • 11
  • Can I ask what the untrusted app is? – Hugh Allen Apr 21 '10 at 09:15
  • It's not really relevant, It might as well be some application that I have developed myself and would like to trace it's behavior. As for your question: Babylon translator, it's a great application but tends to install lots of "toolbars", "addons" and other not so useful "plugins" which I would really rather it would not do. I want to make sure that when I deselected them all the actually really do not get installed. – Maxim Veksler Apr 21 '10 at 10:29

2 Answers2

1

Think I found it http://www.sandboxie.com/

Maxim Veksler
  • 177
  • 1
  • 2
  • 11
0

The other alternative is to create a restore point just before you install the application and then roll back to that after you've finished.

However, it does mean that any other changes you make to the system will be lost - so it might not be an ideal solution.

ChrisF
  • 41,278
  • 17
  • 101
  • 154